我有自己的API是用Play Scala编写的,前端客户端是用react.js编写的我无法发送注销请求(我使用OAuth2(,因为我收到了cors头的错误。我试着把它修好,但我做不到。
我的反应提取方法:
function signOut() {
const host = "http://localhost:9000/"
const route = "signOut";
const requestOptions = {
method: 'POST',
headers: { 'Content-Type': 'application/json','Access-Control-Allow-Origin': '*'},
credentials: 'include',
mode: 'cors',
};
return fetch(host + route, requestOptions).then((response) => response.json())
}
我的scala播放应用程序conf:
play.filters {
# Enabled filters are run automatically against Play.
# CSRFFilter, AllowedHostFilters, and SecurityHeadersFilters are enabled by default.
enabled += filters.ExampleFilter
enabled += play.filters.cors.CORSFilter
# Disabled filters remove elements from the enabled list.
#disabled += filters.ExampleFilter
}
enables += play.filter.cors.CorsFilter
cors {
# Filter paths by a whitelist of path prefixes
#pathPrefixes = ["/some/path", ...]
# The allowed origins. If null, all origins are allowed.
#allowedOrigins = ["https://www.example.com"]
allowedOrigins = ["http://localhost:3000"]
# The allowed HTTP methods. If null, all methods are allowed
#allowedHttpMethods = ["GET", "POST"]
allowedHttpMethods = ["GET", "POST", "PUT", "PATCH", "OPTION", "DELETE"]
}
来自浏览器的错误:
XHROPTIONShttp://localhost:9000/signOut
此外,浏览器指示没有标题CORS „Access-Control-Allow-Origin”
allowedOrigins = ["http://localhost:3000"]
应该与您的前端应用程序一致。检查所有路线。BTW:如果它是一个公共的API,你可以关闭这个过滤器。